Details on getting and installing SEL (security-enhanced Linux)

How do I get SEL (security-enhanced Linux)? Does it come with distributions, or does it require a separate install?

SEL (security-enhanced Linux) (licensed by the GPL) is actually integrated into the standard 2.6 kernel (as of 8/2003), as well as on some Linux distributions. It is available either as a download, or you can use the distribution that already includes support for SELinux. With the download, you can install just the SELinux modifications on an existing Linux platform (check your distributions SEL support page).

It is important to note that when installing SEL on a Linux distribution that lacks official SELinux support (such as SUSE), you must compile the software and also have other necessary system packages. SELinux itself consists of an SELinux-enabled Linux kernel, which is a core set of libraries and utilities, some modified packages, and a policy configuration.

For example, Fedora cores 5 and 6, RHEL5, Hardened Gentoo and Debian etch, all are not only supported, but even have all SEL's recent technology enhancements integrated into their distributions. Some of these new innovations includes references polices, loadable modules and policy management infrastructure. It is important to reiterate that SELinux is not presently supported in the SuSE (and many others as well) Linux distribution.

While SLES9 has held an EAL4+ certification for awhile now and was also built around the 2.6 Linux kernel, Novell has not been a vocal supporter of SEL. Their public stance has been that the technology is just too complicated for users to implement successfully. A lot has changed recently with the new features of SEL (as well as the tighter integration with supported distributions), which make it much simpler to work with and perhaps could cause some future policy changes at Novell.

Start the conversation

0 comments

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.